As a developer, you always have to take the pain of getting adapted to the best practices and coding guidelines to be followed as per the organizational or industrial standards. Easy way to ensure your coding style follows certain standard is to manually analyze your code or use a static code analyzer like FxCop, StyleCop etc. Earlier days I have been a fan of FxCop as it was free and it provides me all necessary general guidelines in terms of improving my solution.

In this modern world of programming everything needs to be automated, as it saves time and money in terms of automating repetitive tasks and improves efficiency. This is where static code analysers coming effective.

What is Static Code Analysis?

Static program analysis is the analysis of computer software that is performed without actually executing programs, on some version of the program source code, and in the other cases, some form of the object code or intermediate compiled code .

Sophistication of static program analysis increases is based on how deep they analyze in terms of behavior of individual statements and declarations, to analyzing the entire source code.

PS: Analysis performed on executing programs is known as dynamic analysis.

In this article I will give you an overview of one such premier static code analysis tool that can be used for your daily development routine plus use it for CI integration for DevOps efficiency.

NDepend:

NDepend is a static analysis tool for .NET, specifically for managed code: NDepdend supports a large number of code metrics, allowing to visualize dependencies using directed graphs and dependency matrix. It also performs code base snapshots comparisons, and validation of architectural and quality rules.

The important capabilities of NDepend are:

Dependency Visualization through dependency matrix and graphs.

Analyse and generate software quality metrics – as per the documentation it supports 82 quality metrices.

Declarative rule support through LINQ queries, and it is called CQLinq and comes with a large number of predefined CQLinq rules.

Integration support for Cruise Control.Net, SonarCube, am City. Code rules can be configured to be checked automatically in Visual Studio or during continuous integration(CI).

License: NDepend is a commercial tool with licensing options as below:

Developer seats – $477 approx. / per seat.

Build Machine seats – $955 approx. / per seat.

** You could get volume discount if you bulk procure your licenses.

Installation:

Once you obtained license you will able to download NDepend_2018.1.1.9041.zip, is latest version available while I write this article. Extract the zip file into your local folder, you could see the different packages/executables within the package.

1.) NDepend.Console – Command line program to execute NDepend analysis. You would be mostly using this component on CI Build server Help

2.) NDepend.PowerTools – Helps write your own static analyzer based on NDepend.API, or tweak existing open-source Power Tools. Help

3.) NDepend.VisualStudioExtension.Installer – To install NDepend extension as part of Visual studio

NDepend is one of the best enterprise grade commercial static analyser seen so far. There are Visual Studio Code Analysis, FxCop and Stylecop Analyzer tools available but they do not provide extensive level of analysis reports NDepend provides. Being a commercial tool it gives value for money for customers by what they need. In terms of a day to day developer or devops lifecycle, you can integrate NDepend in your build process, which could be simple as executing the NDepend Console and reviewing the output. With NDepend’s API it is easy to develop your own custom analysis tools based on CQLinq and NDepend.PowerTools(which is open source). You could find all the detailed help in NDepend documentation.

“In learning you will teach, and in teaching you will learn.” -Phil Collins

About

Nithin Mohan – A passionate hardcore application programmer, software architect, and technology evangelist with over 13 years of experience in Web, Mobile, and Cloud applications design and development.
A hardware geek, a kick-starter, and a quick learner.

Disclaimer:
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way. This blog is to share knowledge, tips & tricks on software development using Emerging Technologies. Thanks to the readers and sincere thanks to all author's of crossposted blogs. Blog is powered by theme gitsta, customized for this blog. Enjoy reading the blog and subscribe to the RSS feed.